Amazon OpenSearch Service now supports JSON Web Token (JWT) authentication and authorization

Posted on: Jun 19, 2024

Amazon OpenSearch Service now supports JSON Web Token (JWT) that enables you to authenticate and authorize users without having to provide any credentials or use internal user database. JWT support also makes it easy for customers to integrate with identity provider of their choice and isolate tenants in a multi-tenant application.

Until now, Amazon OpenSearch Service allowed customers to implement client and user authentication using Amazon Cognito and basic authentication with the internal user database. With JWT support, customers can now use a single token which any operator or external identity provider can use to authenticate requests to their Amazon OpenSearch Service cluster. Customers can setup JWT authentication using the console or CLI, as well as the create and update domain APIs.

JWT authentication and authorization is now available on Amazon OpenSearch Service domains in all AWS regions where Amazon OpenSearch service is available.

For more information about the JWT authentication and authorization, please see the documentation. To learn more about Amazon OpenSearch Service, please visit the product page.